On Tue, Jan 31, 2012 at 12:17 AM, Gregory Maxwell <gmaxw...@gmail.com> wrote: > On Mon, Jan 30, 2012 at 11:33 PM, Michael Hendricks <mich...@ndrix.org> wrote: >> address manager point to the attacker. If a client has 8 connections >> to the network, a Sybil attack would succeed 1.7% of the time. > > Meh, careful not to mixup addrman created issues with preexisting ones > simply related to the number of connections vs the number of nodes. > Even absent addressman someone who can spin up a large multiple of the > current nodes as tcp forwarders to a system they control can capture > all of a nodes outbound connections.
I think I've explained myself poorly. On my nodes, the old address database routinely has 120k addresses. With the new address manager, it will have 20k addresses. Filling the former with 60% evil nodes requires 72,000 evil nodes; while the latter requires 12,000. As I mentioned in my first post, I think the new address manager "is a valuable improvement over what we have today". I think it should be included in the next release. I also think we should be aware that we're making it somewhat easier to isolate outbound-only nodes. A single listening node can support 15 non-listening nodes (125/8). The network currently has 5 non-listening nodes for every listening node. That ratio has stayed quite stable, so I think we have wiggle room if we wanted to allow more outbound connections in some circumstances. -- Michael ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
